Infrastructure

This entity category includes entities that are related to computer network infrastructure.

Banner

Entity Meta

Display Name

Banner

Entity Name

maltego.Banner

Short Description

Banner

Entity Category

Infrastructure

Base Entity

maltego.Phrase

Entity Properties

Display Name

Property Name

Data Type

Short Description

Sample Value

Text

text

string

A hash entity

Some phrase

Website Title

Entity Meta

Display Name

Website Title

Entity Name

maltego.WebTitle

Short Description

Title of a website

Entity Category

Infrastructure

Base Entity

maltego.Unknown

Entity Properties

Display Name

Property Name

Data Type

Short Description

Sample Value

Title

title

string

Paterva (Pty) Ltd

Domain

Entity Meta

Display Name

Domain

Entity Name

maltego.Domain

Short Description

An internet domain

Entity Category

Infrastructure

Base Entity

maltego.Unknown

Entity Properties

Property Name

Type

Display name

Fqdn

string

Domain name

whois-info

string

WHOIS info

Entity Description

A domain is the 'cnn.com' part of 'www.cnn.com'. It is the 'google.com' part of 'www.google.com'. A domain has to be registered by a person or an organisation. A domain is registered in a TLD (top level domain), and might have a SLD (sub level domain). Consider the web site 'www.abc.co.uk'. The top level domain (TLD) is 'uk'. The sub level domain is 'co.uk'. The domain itself is 'abc.co.uk'. A domain contains whois information - this information contains (at least) the details of who registered the domain.

Related Entities

MX Record

Entity Meta

Entity Properties

Property Name

Type

Display name

fqdn

string

MX Record

mxrecord.priority

integer

Priority

Entity Description

The MX (mail exchange) records contains information about where mail should be sent for email addresses at the domain (for example mail for anyone@abc.com should be sent to mx1.abc.com). You should understand the relationship between Domain, DNS Name and IP number as this system is one of the main building blocks of Internet.

IPv4 Address

Entity Meta

Entity Properties

Property Name

Type

Display name

ipv4-address

string

IP Address

ipaddress.internal

boolean

Internal

Entity Description

An IP (Internet protocol) address is like the telephone number of a computer on the Internet. In IP version 4 (which is most common on the Internet today) this 'telephone' number is made up of 4 numbers, seperated by a dot. The numbers range from 0-255. An IP number thus could be 192.168.0.1 or 196.25.1.1. In order for a computer to speak to another machine over an IP network it has to know the IP number of the remote machine. Because people are better at remembering names than remembering numbers we have DNS. DNS is the whitepages of the Internet. It looks up (or resolves) the IP address for a DNS name. Thus the DNS name www.abc.co.uk resolves to the IP number 85.91.32.29. Just like domains IP addresses also needs to be registered. They are normally grouped in a block of IP addresses and blocks are assigned to organisations such as ISPs. The information of the organisation is contained in whois information of the IP block.

Related Entities

URL

Entity Meta

Entity Properties

Property Name

Type

Display name

short-title

string

Short Title

url

URL

Value

title

string

Title

What is mildly interesting is that Maltego does not keep URL as the main value in this entity (because rendering a URL is just messy). Where possible the URL's truncated title is kept in the value. If the title is not available, the truncated URL is stored in the main value. The actual URL is kept in the (Actual URL) field. Additionally the full title is kept in the (Full Title) field.

Related Entities

DNS Name

Entity Meta

Entity Properties

Property Name

Type

Display name

Fqdn

string

DNS Name

Entity Description

DNS stands for Domain Name System. 'www.google.com' is a DNS name. 'mail.abc.com' is a DNS name. 'mx1.sub.abc.co.uk' is a DNS name. A DNS name becomes an entry in a domain's zone file. The zone file is just a file that contains a list of DNS Names per domain. There are several types of DNS names. The everyday DNS names (like 'www.abc.com') are called A (or CName) records. The MX (mail exchange) records contains information about where mail should be sent for email addresses at the domain (for example mail for anyone@abc.com should be sent to mx1.abc.com). The NS records (name server) shows which servers are name servers for this domain - in other words who keeps the zone files for the domain. Every DNS name is (or should be) connected to an IP address. In some cases the reverse is also true - an IP address can resolve to a DNS name. You should understand the relationship between Domain, DNS Name and IP number as this system is one of the main building blocks of Internet.

Related Entities

AS

Entity Meta

Entity Properties

Property Name

Type

Display name

as.number

integer

AS Number

Entity DescriptionAS stands for Autonomous System. It is basically a collection of routes (and thus netblocks). Large organisations or ISPs typically have their own AS numbers. The BGP routing protocol makes use of AS numbers.

Tracking Code

Entity Meta

Entity Properties

Property Name

Type

Display name

properties.uniqueidentifier

string

UniqueIdentifier

identifierType

string

Identifier Type

Entity Description

This entity represents a unique code that can be found in the JavaScript of some websites. Services that include such codes include Google Analytics, AdWords, PayPal Donate buttons, etc. These codes can be used to link websites together based on the owner of the tracking code.

Website

Entiy Meta

Display Name

Website

Entity Name

maltego.Website

Short Description

An internet website

Entity Category

Infrastructure

Base Entity

maltego.DNSName

Entity Properties

Property Name

Type

Display name

fqdn

string

Website

website.ssl-enabled

boolean

SSL Enabled

ports

int []

Ports

Entity Description

A web site is simply an special type of DNS name. Maltego sees these as two different types because there are many website specific transforms.

Related Entities

NS Record

Entity Meta

Entity Properties

Property Name

Type

Display name

fqdn

string

MX Record

Entity Description

The NS records (name server) shows which servers are name servers for this domain - in other words who keeps the zone files for the domain. You should understand the relationship between Domain, DNS Name and IP number as this system is one of the main building blocks of Internet.